Citizens Advice Mid Mercia
27,000 - 31,000 per year
Church Gresley or Derby
Full-time
Job Title: Compliance Officer
Responsible to: Head of Compliance & Central Support
Salary: £27,000 - £31,000 per annum (dependent upon experience)
Job location: Hybrid working – based at one of our office locations (Church Gresley or Derby) and work from home
Work Pattern: Monday to Friday – 37.5 hours (Full time)

Role purpose:
The Compliance Officer plays a crucial role in ensuring the organisation operates in full accordance with all relevant UK laws, regulations, and sector best practices. The role protects the charity’s reputation and public trust by implementing, maintaining, and improving compliance systems covering statutory obligations, safeguarding, GDPR and data protection, complaints handling, and website & social media content compliance.

Working closely with senior managers, the postholder fosters a culture of accountability, transparency, and ethical conduct – enabling CAMM to deliver its mission with integrity and legal compliance.

The post holder is responsible for managing the compliance and complaints mailboxes and is the main point of contact for all compliance queries.

Main Duties and Responsibilities:

Compliance/GDPR Administration
• Facilitate the timely signing of contracts, funding and legal agreements/documents using electronic signature software, proactively ensuring that documents are received by the appropriate parties and signed copies are saved to file
• Assist in the identification and procurement of software that meets GDPR and other requirements
• Draft, review and manage Data Sharing Agreements (DSAs) with third parties and partners to ensure that all data transfers comply with UK GDPR and organisational policies
• Lead on and drive completion of Data Protection Impact Assessments (DPIAs) to identify and mitigate privacy risks related to new or changed data processing activities or new services
• Maintain oversight of GDPR compliance documentation and records to demonstrate accountability
• Support ongoing monitoring and updating of GDPR policies/procedures, ensuring they reflect current regulations and best practice
• Manage and coordinate operational components of security incident management including response and reporting
• Ensure the organisation complies with data breach and subject access request procedures, liaising with all relevant parties including clients
• Manage and maintain the Information Asset Register, working with our services to identify information assets, evaluate risks, determine appropriate security measures and audit information provided

Complaints Handling:
• Review and maintain a robust complaint handling process in line with regulatory requirements and best practices, ensuring that this falls in line with National Citizens Advice and funder requirements
• Oversee the timely and effective resolution of complaints, proactively liaising with internal teams and clients to investigate complaints, ensuring deadlines for responses are met
• Provide regular reports on complaints metrics and provide insights to management
• Identify and recommend improvements based on complaints analysis to improve processes, as appropriate

Policy & Procedure Management
• Draft, review, and update policies and procedures, as required
• Monitor changes in regulation, ensuring internal policies align with UK charity and data protection law and alignment with national Citizens Advice
• Assist with provision of due diligence information to funders and other stakeholders, as required
• Liaise with service delivery partners to obtain due diligence information, as appropriate

Website & Social Media Content Management:
• Oversee and manage content on our websites to ensure compliance with legal, ethical and brand guidelines
• Oversee the development of social media policies that align with compliance requirements
• Super user responsibility for social media channels
• Monitor social media channels for compliance with internal guidelines and external regulations and collaborate with service teams to ensure that promotional content adheres to compliance standards
• Conduct regular audits of website and social media content for compliance risks

Training
• Liaise with operational leads to ensure annual mandatory training is completed
• Develop materials to enhance and promote data privacy / cyber security awareness, liaising with third-party IT provider

General Compliance Duties:
• Ensure safeguarding, data breach and complaints registers are kept up to date and proactively liaise with operational leads for follow up information, as appropriate
• Monitor and assess operational processes for compliance risks
• Conduct internal compliance reviews
• Prepare compliance reports for Head of Compliance & Central Support, highlighting potential risks and suggested mitigation

Other duties and responsibilities
• Present on behalf of the Head of Compliance & Central Support on compliance-related matters, when required
• Attend operational and other management meetings to present reports or disseminate important information
• Greet clients and other visitors to the premises
• Abide by safeguarding, H&S and GDPR guidelines
• Undertake any other relevant duties that may be reasonably requested by the Head of Compliance & Central Support to ensure the smooth running of the department
• Approach tasks with enthusiasm, drive and a can-do attitude
• Flexible approach to working hours as required by the needs of the business

CORE VALUES
All members of the organisation will commit to:
• Communicate: We will be consistent, positive, passionate and listen.
• Ownership: We will be accountable, make a difference, meet deadlines, keep promises and have solutions.
• Respect: We will be honest, work with integrity, trust each other, be fair, tolerant and stand for equality.
• Effective: We will deliver quality, focus on detail and be professional.

Person Specification (Essential / Desirable)
1. Specialist experience within a compliance role, with GDPR expertise
2. Good understanding of regulatory requirements and data privacy principles
3. Proven strong knowledge of Microsoft Office 365 applications
4. Experience of complaint handling
5. Excellent analytical and problem-solving skills
6. Outstanding written and verbal communication abilities
7. Excellent organisational and document management skills
8. High level of accuracy and thoroughness with excellent attention to detail and a systematic approach to managing tasks
9. Demonstrable experience in following and improving processes
10. Demonstrable ability to work under pressure, to deadlines, in a fast-paced environment
11. Experience of complaint handling
12. Full clean driving licence and use of own vehicle
13. Proficiency in website/social media platform management
14. Experience of implementing an information management system
15. Experience of conducting internal audits
16. Bachelor’s degree in Business or related field or a professional data protection qualification